Authorize.net CIM M2 - API Login ID and Transaction Key
API Login ID and Transaction Key for Authorize.Net
A Transaction Key is a complex value generated by Authorize.Net that uniquely identifies a merchant's payment gateway account.
It is similar to an account password, but can only be used to authenticate requests submitted to Authorize.Net.
To obtain the Transaction Key:
- Log into your Merchant Interface at https://account.authorize.net.
- Click Account from the main toolbar.
- Click API Credentials & Keys.
- Type in your Secret Answer. You should have configured a Secret Question and Secret Answer during account activation.
If you have not configured this security feature for your account, you will need to do so before you can create these values. Please see your User Profile.
- Select New Transaction Key.
- When obtaining a new Transaction Key, you may choose to immediately disable the old Transaction Key by clicking on the box titled, Disable Old Transaction Key Immediately.
Note: If the Disable Old Transaction Key Immediately box is not checked, the old Transaction Key will automatically expire in 24 hours. When the box is checked, the old Transaction Key will expire immediately. If you have current software installations, do not check this box unless you need to immediately cease all payment processing through your software setup. By not checking the box, the old Transaction Key would remain valid for 24 hours, giving you time to update your software to use the new Transaction Key.
- Click Submit to continue. Your new Transaction Key is displayed.
Be sure to store the Transaction Key in a very safe place. Once it has been generated, it will not be visible again. Do not share it with anyone, as it is used to protect your transactions.
You may generate a new Transaction Key as often as you wish. Do note that security concerns require us to display a given Transaction Key only when it is first generated. If you generate a new Transaction Key, any software or code using the previous Transaction Key will need to be updated with the new Transaction Key to avoid errors.
For the Customer Information Manager (CIM), the Transaction Key is encrypted along with all other transaction data when it is sent to Authorize.Net, and is directly used to authenticate requests submitted to the gateway. If a request cannot be authenticated using the Transaction Key, the request is rejected.